16 matches found
EUVD-2025-13284
Malicious code in bioql PyPI...
EUVD-2025-20450
Malicious code in bioql PyPI...
A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account
Phone numbers are a gold mine for SIM swappers. A researcher found how to get this precious piece of information through a clever brute-force attack...
CVE-2025-48926
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers...
TeleMessage 安全漏洞
TeleMessage is a secure and compliant messaging solution for organizations from TeleMessage Israel. A security vulnerability exists in TeleMessage version 2025-05-05 and earlier, which stems from an administrative panel that allows an attacker to discover usernames, email addresses, passwords, an...
CVE-2025-32881
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages...
CVE-2025-32884
An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phone number unless they specifically opt out. A phone number is very sensitive information because it can be tied back to individuals. The app does not encrypt the GID in messages...
PT-2025-18671 · Gotenna · Gotenna Mesh
Name of the Vulnerable Software and Affected Versions: goTenna Mesh versions 5.5.3 and firmware 1.1.12 Description: A problem was discovered in goTenna Mesh devices where the GID, by default, is the user's phone number unless they opt out. Since a phone number can be associated with individuals, ...
CVE-2025-32881
The CVE-2025-32881 entry concerns goTenna v1 devices with app 5.5.3 and firmware 0.25.5, where the GID default is the user’s phone number unless opted out. The issue is that the GID is not encrypted in messages, creating a potential privacy risk since a phone number can be linked to individuals. ...
CVE-2024-47043
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to correlate a device serial number and the user's phone number and part of the email address...
LinkedIn: Can see phone numbers of others by providing mail address
The vulnerability allowed an attacker to view a user's phone number by abusing the password reset functionality. The phone number was exposed in the input field after verifying the user's email address...
CVE-2024-23210
This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, watchOS 10.3. An app may be able to view a user's phone number in system logs...
Samsung Account 安全漏洞
Samsung Account is a cell phone account from Samsung, a South Korean company. versions prior to Samsung Account 13.2.00.6 contain a privilege management vulnerability that could be exploited to obtain a user's email or phone number with normal-level privileges...
Zenly Social-Media App Bugs Allow Account Takeover
Zenly, a social app from Snap that allows users to see the locations of friends and family on a live map, contains a pair of vulnerabilities that could endanger those being tracked. According to the Checkmarx Security Research Team, the bugs are a user-data exposure vulnerability and an...
Hydrogen Krypton Travel App for Android suffers from an override access vulnerability
Hydrogen Krypton Travel APP is a comprehensive service platform in the field of new energy vehicles. The vulnerability exists in "My Wallet" and "My Orders" in the Android version of Hydrogen Krypton Mobility APP, which allows an attacker to view any user's details by using their cell phone numbe...
Uber: phone number exposure for riders/drivers given email/uuid
Hi , Summary I have found one more vulnerable endpoint that is leaking user's phone number when i submit UUID in the request. This attack works for both Driver and Rider. Security Impact We can get any Rider or Driver private phone number by knowing his UUID. Reproduction Steps 1 . Enter victim's...